﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
//using Web.Auth.Helpers;

namespace API.Models.Repository
{
    public class SEC_USERS_Repository : GenericRepository<PartnerDbContext, SEC_USERS>
    {
        public override IQueryable<SEC_USERS> Find(System.Linq.Expressions.Expression<Func<SEC_USERS, bool>> predicate)
        {
            IQueryable<SEC_USERS> query = _entities.SEC_USERS
                .Include("COMPANIES")
                .Include("COMPANIES.COMPANY");

            if (predicate != null)
                query = query.Where(predicate);

            return query;
        }

        public override void Edit(SEC_USERS entity)
        {
            if (this.session == null)
                throw new HttpException(401, "Unauthorized access");

            var user = this.Find(r => r.GUID_RECORD == this.session.USER_GUID).FirstOrDefault();

            if (user == null)
                throw new Exception("Пользователь не найден");

            user.EMAIL = entity.EMAIL;
            user.FIRSTNAME = entity.FIRSTNAME;
            user.LASTNAME = entity.LASTNAME;
            user.MIDNAME = entity.MIDNAME;
            user.TIMEZONE = entity.TIMEZONE;

            base.Edit(user);
            this.Save();
        }

        public SEC_USERS Register(string email, string password)
        {
            if (this.Find(r => r.EMAIL == email).Any())
                throw new Exception(String.Format("Пользователь {0} уже зарегистрирован", email));

            var user = new SEC_USERS
            {
                GUID_RECORD = Guid.NewGuid(),
                EMAIL = email,
                FIRSTNAME = String.Empty,
                LASTNAME = String.Empty,
                PASSWORD_HASH = API.Core.Util.GetMD5(password)
            };

            this.Add(user);
            this.Save();

            return user;
        }

        public SEC_USERS Register(SEC_USERS user)
        {
            if (this.Find(r => r.EMAIL == user.EMAIL).Any())
                throw new Exception(String.Format("Пользователь {0} уже зарегистрирован", user.EMAIL));

            user.GUID_RECORD = Guid.NewGuid();
            user.PASSWORD_HASH = API.Core.Util.GetMD5(user.PASSWORD);

            this.Add(user);
            this.Save();

            return user;
        }

        public void ResetPassword(string email, string password)
        {
            var user = this.Find(r => r.EMAIL == email).FirstOrDefault();

            if (user == null)
                throw new Exception(String.Format("Пользователь {0} не найден", email));

            user.PASSWORD_HASH = API.Core.Util.GetMD5(password);

            base.Edit(user);
            this.Save();
        }

        public void ChangePassword(string password)
        {
            if (this.session == null)
                throw new HttpException(401, "Unauthorized access");

            var user = this.Find(r => r.GUID_RECORD == this.session.USER_GUID).FirstOrDefault();

            if (user == null)
                throw new Exception("Пользователь не найден");

            user.PASSWORD_HASH = API.Core.Util.GetMD5(password);

            base.Edit(user);
            this.Save();
        }
    }
}